/**
 * OWASP GoatDroid Project
 * 
 * This file is part of the Open Web Application Security Project (OWASP)
 * GoatDroid project. For details, please see
 * https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project
 *
 * Copyright (c) 2011 - The OWASP Foundation
 * 
 * GoatDroid is published by OWASP under the GPLv3 license. You should read and accept the
 * LICENSE before you use, modify, and/or redistribute this software.
 * 
 * @author Jack Mannino, nVisium Security (https://www.nvisiumsecurity.com)
 * @created 2011
 */
package org.owasp.goatdroid.fourgoats.webservice.history;

import java.sql.SQLException;
import java.util.ArrayList;
import java.util.HashMap;
import org.owasp.goatdroid.fourgoats.webservice.Constants;
import org.owasp.goatdroid.fourgoats.webservice.history.beans.HistoryBean;
import org.owasp.goatdroid.fourgoats.webservice.history.beans.HistoryCheckinBean;
import org.owasp.goatdroid.fourgoats.webservice.login.LoginImpl;
import org.owasp.goatdroid.fourgoats.webservice.validators.Validators;

public class HistoryImpl {

	static public HistoryBean getHistory(String sessionToken) {

		HistoryBean bean = new HistoryBean();
		ArrayList<String> errors = new ArrayList<String>();
		if (LoginImpl.isSessionValid(sessionToken)
				&& Validators.validateSessionTokenFormat(sessionToken)) {
			try {
				HistoryDAO dao = new HistoryDAO();

				HashMap<String, String> history = dao.getCheckinHistory(dao
						.getUserID(sessionToken));
				bean.setHistory(history);
				dao.closeConnection();
				bean.setSuccess(true);
				return bean;
			} catch (InstantiationException e) {
				errors.add(Constants.UNEXPECTED_ERROR);
			} catch (IllegalAccessException e) {
				errors.add(Constants.UNEXPECTED_ERROR);
			} catch (ClassNotFoundException e) {
				errors.add(Constants.UNEXPECTED_ERROR);
			} catch (SQLException e) {
				errors.add(Constants.UNEXPECTED_ERROR);
			}
		} else
			errors.add(Constants.INVALID_SESSION);
		bean.setSuccess(false);
		bean.setErrors(errors);
		return bean;
	}

	static public HistoryCheckinBean getCheckin(String sessionToken,
			String checkinID) {

		HistoryCheckinBean bean = new HistoryCheckinBean();
		ArrayList<String> errors = new ArrayList<String>();
		if (LoginImpl.isSessionValid(sessionToken)
				&& Validators.validateSessionTokenFormat(sessionToken)) {
			if (Validators.validateIDFormat(checkinID)) {
				try {
					HistoryDAO dao = new HistoryDAO();
					String userID = dao.getUserID(sessionToken);
					String checkinOwner = dao.getCheckinOwner(checkinID);
					if (userID.equals(checkinOwner)
							|| dao.isProfilePublic(checkinOwner)
							|| dao.isFriend(userID, checkinOwner)) {
						bean.setVenueName(dao.getVenueName(checkinID));
						HashMap<String, String> checkinInfo = dao
								.getCheckinInfo(checkinID);
						bean.setDateTime(checkinInfo.get("dateTime"));
						bean.setVenueWebsite(dao.getVenueWebsite(checkinID));
						bean.setLatitude(checkinInfo.get("latitude"));
						bean.setLongitude(checkinInfo.get("longitude"));
						bean.setComments(dao.selectComments(checkinID));
						dao.closeConnection();
						bean.setSuccess(true);
						return bean;

					} else {
						errors.add(Constants.NOT_AUTHORIZED);

					}

				} catch (InstantiationException e) {
					errors.add(Constants.UNEXPECTED_ERROR);
				} catch (IllegalAccessException e) {
					errors.add(Constants.UNEXPECTED_ERROR);
				} catch (ClassNotFoundException e) {
					errors.add(Constants.UNEXPECTED_ERROR);
				} catch (SQLException e) {
					errors.add(Constants.UNEXPECTED_ERROR);
				}
			} else
				errors.add(Constants.UNEXPECTED_ERROR);
		} else
			errors.add(Constants.INVALID_SESSION);

		bean.setSuccess(false);
		bean.setErrors(errors);
		return bean;

	}

	static public HistoryBean getUserHistory(String sessionToken,
			String userName) {

		HistoryBean bean = new HistoryBean();
		ArrayList<String> errors = new ArrayList<String>();
		if (LoginImpl.isSessionValid(sessionToken)
				&& Validators.validateSessionTokenFormat(sessionToken)) {
			try {
				HistoryDAO dao = new HistoryDAO();

				HashMap<String, String> history = dao
						.getCheckinHistoryByUserName(userName);
				bean.setHistory(history);
				dao.closeConnection();
				bean.setSuccess(true);
				return bean;
			} catch (InstantiationException e) {
				errors.add(Constants.UNEXPECTED_ERROR);
			} catch (IllegalAccessException e) {
				errors.add(Constants.UNEXPECTED_ERROR);
			} catch (ClassNotFoundException e) {
				errors.add(Constants.UNEXPECTED_ERROR);
			} catch (SQLException e) {
				errors.add(Constants.UNEXPECTED_ERROR);
			}
		} else
			errors.add(Constants.INVALID_SESSION);
		bean.setSuccess(false);
		bean.setErrors(errors);
		return bean;
	}
}
